Read cookie

How can I get the value of a browser cookie with Ruby?

Pål Bergström wrote:

How can I get the value of a browser cookie with Ruby?

In what framework? CGI? Rack? Rails? Sinatra? Other?

If you are writing a CGI there is a 'cookies' accessor. For details see
the comments in the source at /usr/lib/ruby/1.8/cgi.rb (or wherever it
is installed on your system)

Brian Candler wrote:

Pål Bergström wrote:

How can I get the value of a browser cookie with Ruby?

In what framework? CGI? Rack? Rails? Sinatra? Other?

If you are writing a CGI there is a 'cookies' accessor. For details see
the comments in the source at /usr/lib/ruby/1.8/cgi.rb (or wherever it
is installed on your system)

It's rails. I used CGI but doesn't seem to work anymore. I just want to
get a value of a cookie with a ruby script in /lib. What about net/http?

Brian Candler wrote:

In what framework? CGI? Rack? Rails? Sinatra? Other?

Btw, I'm not sure I follow. Does it have to be within a framework?
Isn't the framework built with ruby in the first place? Never mind
Rails. I don't need the cookie there. That's easy. I need it in a script
in /lib.

And have you looked for 'cookie' in the Rails API docs?

So, you need to make a request to a site and get the cookie that the
server sends back?
If that's the case then try this:

require 'mechanize'

agent = WWW::Mechanize.new
page = agent.get("http://www.google.com")
p agent.cookies

Jesus.

Pål Bergström wrote:

It's rails. I used CGI but doesn't seem to work anymore. I just want to
get a value of a cookie with a ruby script in /lib. What about net/http?

It's not clear what you want now.

Are you writing a web *client* in Ruby - something which initiates a
connection to a web server, and sends a HTTP request? (Like a browser)

Or a web *server* - something which listens for incoming HTTP requests,
and answers them?

net/http is something you'd use for the former, and rails is something
you'd use for the latter.

The cookie interaction is described at:

Roughly:
* The server includes a "Set-Cookie:" header in a response
* The client includes a "Cookie:" header in each subsequent request to
the same server

When you say you want to "get the value of a browser cookie" it sounds
like you're writing something server-side, to extract the cookies sent
by the browser. But if you're writing a client using net/http or
mechanize, then it's you who *sends* the cookies with each request in
the first place.

Hassan Schroeder wrote:

Jesús Gabriel y Galán wrote:

So, you need to make a request to a site and get the cookie that the
server sends back?
If that's the case then try this:

require 'mechanize'

agent = WWW::Mechanize.new
page = agent.get("http://www.google.com")
p agent.cookies

It reguards my own site.

Looks great and simple. Is Mechanize someting I need to install or is it
part of Ruby?

Jesús Gabriel y Galán wrote:

require 'mechanize'

agent = WWW::Mechanize.new
page = agent.get("http://www.google.com")
p agent.cookies

Got it working when installed as a gem. Thank you so much Don't
understand why I didn't get an answer before. I've asked about this
severeal times. Hopefully I'm on the right track now.

I do get a cookie. A session cookie. But how do I get a particular
cookie?

When you say you want to "get the value of a browser cookie" it sounds
like you're writing something server-side, to extract the cookies sent
by the browser. But if you're writing a client using net/http or
mechanize, then it's you who *sends* the cookies with each request in
the first place.

I'm sorry if I'm unclear. But I don't understand what the problem is
with my question. So let me ask again.

Before I could get the value in a cookie, any cookie, from a browser
visiting a rails app using cgi. I used it in Rails in order to get a
unique string into the model. I can't use cookies[:cookie_name] for
that. As I understand it I can't do that with Rails 2.3.x ( or 3?).
That's what I want to do.

So where would you be "getting" this cookie from? Stored in a file? As
part of an HTTP request? If the latter, what's handling the request in
the first place?

In short, what is the context?

Pål Bergström wrote:

Hassan Schroeder wrote:

And have you looked for 'cookie' in the Rails API docs?

I'm asking about getting a cookie value in Ruby, not Rails.

Can I get the value using Rack?

Looks great and simple. Is Mechanize someting I need to install or is it
part of Ruby?

I need to install Nokogiri first

Jesús Gabriel y Galán wrote:

require 'mechanize'

agent = WWW::Mechanize.new
page = agent.get("http://www.google.com")
p agent.cookies

Got it working when installed as a gem. Thank you so much Don't
understand why I didn't get an answer before.

Maybe because your question was not completely clear, and could get
confused for someone trying to develop a web application and retreving
the cookie in the server that's serving the request. A better question
could have been:

I am hitting my own website with a script and the server returns a
cookie in the response: what's the best way to make the request and
read the cookie set by the server? Or something like this

I've asked about this
severeal times. Hopefully I'm on the right track now.

I do get a cookie. A session cookie. But how do I get a particular
cookie?

The cookies method returns an array of cookies, you will have to
search for the particular one inside that array: try Array#find method
or such.

Jesus.

Pål Bergström wrote:

I'm sorry if I'm unclear. But I don't understand what the problem is
with my question. So let me ask again.

Before I could get the value in a cookie, any cookie, from a browser
visiting a rails app using cgi. I used it in Rails in order to get a
unique string into the model.

(Presumably a unique string which your app provided in a previous
request, via Set-Cookie)

I can't use cookies[:cookie_name] for
that. As I understand it I can't do that with Rails 2.3.x ( or 3?).

Are you sure? Have you tried it? The method seems to be there:
http://api.rubyonrails.org/classes/ActionController/Cookies.html

Or you could try request.cookies["cookie_name"] instead.

However, in a rails app you rarely manipulate cookies directly. Rather
you'd do:

   session[:foo] = "bar"

By default, Rails serialises the entire session object, signs it
cryptographically, and then sends it to the client as a cookie. This
allows you to store sensitive information (e.g. admin rights) whilst
being sure the user will not be able to tamper with it.

Hassan Schroeder wrote:

In short, what is the context?

Using a personal encryption script in models, with a key stored in a
cookie. For making certain data encrypted when saving to the database
using 'before_save'. Can't get that through Rails.

That should read Enumerable#find

Jesus.

Just tested with rails 2.3.8, and it seems to be fine:

rails foobar
cd foobar
cat <<EOF >app/controllers/foobar_controller.rb
class FooController < ApplicationController
  def bar
    render :text => cookies["test"].inspect
    cookies["test"] = Time.now.to_s
  end
end
EOF
script/server

Point browser at http://127.0.0.1:3000/foo/bar - and then refresh.

The value displayed (which is the value in the cookie) is the timestamp
of the previous request.

So it took a very long time to get here, given that you didn't say in
the first place you were writing a Rails app (probably the question
would have been better directed to a Rails forum then); then in another
posting you said "Never mind
Rails. I don't need the cookie there"; in another you mentioned
net/http.

Brian Candler wrote:

The value displayed (which is the value in the cookie) is the timestamp
of the previous request.

But that's in the controller. Or do I miss something?

So it took a very long time to get here, given that you didn't say in
the first place you were writing a Rails app (probably the question
would have been better directed to a Rails forum then); then in another
posting you said "Never mind
Rails. I don't need the cookie there"; in another you mentioned
net/http.

I thought it would be better here as I thought it was more relevant for
Ruby than Rails. I've asked in Rails before but didn't get a solution.
And I'm not a pure programmer (obviously), more a designer trying to
build web apps. I'm still learning. Otherwise I wouldn't ask and I would
know exactly the difference between cgi, net/http, and so on.

One more time:

1) I have a Rails app.

2) I have/had certain data aes encrypted in certain columns in mysql
with a unique key for each user. That key is saved in a cookie. If they
use an iPhone or another browser they need to ad the key to each
browser. It's just another layer of security on top of Rails. So if
someone get hold of that key it's useless unless you login or break the
security of mysql.

3) l use "before_save" and "fast-aes" in the model. So everything happes
in the model and in a script for encrypting located in /lib, just
because I can't get the cookie into the model with rails
cookies[:my_cookie]. Or can I? Maybe I'm overlooking something. Can get
the value of a cookie from the controller into the model in a simple
uniform way?

4) I used cgi to get the cookie value before. Now I can't do that after
rails 2.3.x. I wonder if I can do it in another way?